IN THE CLAIMS

1. (original) A method comprising the steps of:
receiving from a customer over a network an application for a credit card authorization, a non-migratable key, a first certificate by a Trusted Platform Module (TPM) identity associated with a computer system used by the customer, and a second certificate acquired by the computer system from a Certification Authority (CA);
creating a public/private key pair and a third certificate in response to the receiving step; and
sending the public/private key pair and the third certificate to the customer over the network.

2. (original) The method as recited in claim 1, wherein after the sending step, the customer is capable of using the public/private key pair and the third certificate to make purchases over the network.

3. (original) The method as recited in claim 1, wherein the TPM identity is a public/private key pair created as a result of a command by the customer input into the computer system.

4. (original) The method as recited in claim 1, wherein the second certificate is created by the Certification Authority in response to receiving a third certificate signed by a manufacturer of the TPM and a public key of the TPM identity.

5. (original) The method as recited in claim 4, wherein the third certificate is associated with an endorsement key of the TPM.






RPS9-2001-0022 



PATENT 



6. (original) The method as recited in claim 1, wherein the network is the Internet.

7. (previously presented) A method comprising the steps of:
creating a TPM identity at a customer's computer system;
obtaining, at the customer's computer system, a first certificate from a first server supporting a CA over a network;
creating, at the customer's computer system, a non-migratable key; and
transferring a credit card authorization application, the TPM identity, the non-migratable key, and the first certificate from the customer's computer system to a second server supporting a credit card company.

8. (original) The method as recited in claim 7, further comprising the steps of:
the second server supporting the credit card company creating a public/private key pair and a second certificate in response to the transferring step; and
transferring the public/private key pair and the second certificate from the second server supporting the credit card company to the customer's computer system.

9. (original) The method as recited in claim 8, wherein the step of transferring the public/private key pair and the second certificate from the second server supporting the credit card company to the customer's computer system is performed using a traditional mail service.

10. (original) The method as recited in claim 8, wherein the step of transferring the public/private key pair and the second certificate from the second server supporting the credit card company to the customer's computer system is performed using the network.
11. (original) The method as recited in claim 8, further comprising the step of:
a customer using the public/private key pair and the second certificate for commercial transactions over the network.

12. (original) The method as recited in claim 11, wherein the network is the Internet.

13. (original) The method as recited in claim 7, wherein the creating step further comprises creating a public/private key pair.

14. (original) The method as recited in claim 13, wherein the step of the customer's computer system obtaining the first certificate from the first server supporting the CA over the network further comprises the steps of:
transferring from the customer's computer system to the first server supporting the CA a public portion of the public/private key pair created when the TPM identity is created and a third certificate associated with an endorsement key of the TPM;
the CA checking an authenticity of the third certificate;
the CA creating a fourth certificate for the TPM identity;
the CA encrypting the fourth certificate;
the CA bundling the encrypted fourth certificate with the public portion of the public/private key pair created when the TPM identity is created to create a first bundle; and
the CA encrypting the first bundle with a public key of the third certificate to create a second bundle.

15. (original) The method as recited in claim 14, wherein the step of transferring the public/private key pair and the second certificate from the second server supporting the credit card company to the customer's computer system further comprises the steps of:
the TPM decrypting the second bundle with a private portion of the third certificate producing the first bundle; and
the TPM decrypting the first bundle with a private portion of the public/private key pair created when the TPM identity is created.

16. (original) A computer program product adaptable for storage on a computer readable medium, comprising the program steps of:
receiving from a customer over a network an application for a credit card authorization, a non-migratable key, a first certificate by a Trusted Platform Module (TPM) identity associated with a computer system used by the customer, and a second certificate acquired by the computer system from a Certification Authority (CA);
creating a public/private key pair and a third certificate in response to the receiving step; and
sending the public/private key pair and the third certificate to the customer over the network.

17. (original) The computer program product as recited in claim 16, wherein after the sending step, the customer is capable of using the public/private key pair and the third certificate to make purchases over the network.

18. (original) The computer program product as recited in claim 16, wherein the TPM identity is a public/private key pair created as a result of a command by the customer input into the computer system.






19. (original) The computer program product as recited in claim 16, wherein the second certificate is created by the Certification Authority in response to receiving a third certificate signed by a manufacturer of the TPM and a public key of the TPM identity.

20. (original) The computer program product as recited in claim 19, wherein the third certificate is associated with an endorsement key of the TPM.

21. (original) A computer program product adaptable for storage on a computer readable medium, comprising the program steps of:
creating a TPM identity;
obtaining a first certificate from a CA;
creating a non-migratable key;
contacting a web site supporting a credit card company;
sending to the web site an application for a credit card authorization, the TPM identity, the first certificate, and the non-migratable key; and
receiving from the web site a public/private key pair and a second certificate enabling the credit card authorization.

22. (original) The computer program product as recited in claim 21, further comprising the program step of:
conducting a commercial transaction over the Internet using the credit card authorization as enabled by the public/private key pair and the second certificate.

23. (original) The computer program product as recited in claim 21, wherein the non-migratable key is a signing key.
24. (original) The computer program product as recited in claim 21, wherein the non-migratable key is a storage key.

25. (original) A system comprising:
a server supporting a web site of a credit card company;
a customer computer including a TPM;
a network linked to the server and the customer computer;
first software stored in memory in the customer computer for requesting the TPM to create a TPM identity;
second software stored in memory in the customer computer for obtaining a first certificate over the network from a CA;
third software stored in memory in the customer computer for creating a non-migratable key;
fourth software stored in memory in the customer computer for browsing the web site of the credit card company over the network;
fifth software stored in memory in the customer computer for sending an application for a credit card authorization to the web site of the credit card company over the network;
sixth software stored in memory in the customer computer for sending to the web site of the credit card company over the network the TPM identity, the first certificate, and the non-migratable key;
the web site of the credit card company creating a public/private key pair and a second certificate; and
the web site of the credit card company sending the public/private key pair and the second certificate over the network to the customer computer.
26. (previously presented) A system comprising:
a memory;
code stored in said memory;
an adapter which communicates data to and receives data from a certificate server and a credit card application server;
a Trusted Platform Module (TPM);
a CPU, operatively coupled to said memory, said TPM, and said communications adapter, and which executes code stored in said memory;
said CPU when executing said code effective in:
creating a TPM identity;
obtaining from said communications adapter a first certificate originating from said certificate server;
creating a non-migratable key; and
transferring a credit card authorization application, said TPM identity, said non-migratable key, and said first certificate to said credit card application server.

27. (previously presented) Apparatus comprising:
an adapter through which data is exchanged with a certificate server and a credit card application server, a Trusted Platform Module (TPM) which creates a TPM identity; a CPU coupled to said adapter and to said TPM and effective in:
(1) obtaining from said adapter a first certificate originating from the certificate server;
(2) creating a non-migratable key and transferring said non-migratable key, said TPM identity, said first certificate, and a credit card authorization application to the credit card application server.